With Liberty Reserve’s shutdown, Hold Security has been given credible evidence from an unknown source stating that Liberty Reserve customers’ data is being used to compromise their other financial accounts.
Based on the evidence, they believe e-mail addresses and passwords that belonged to Liberty Reserve customers have been used in Brute Force attacks against other financial sites. Cyber attacks using Chinese CAPTCHA-breaking services began as early as May 27, 2013, targeting financial institutions where Liberty Reserve customers may have accounts.
These unidentified hackers are relying on individuals using the same account credentials across multiple financial accounts and targeted organizations with a similar profile. Hold Security states, “The attack patterns observed appeared to have a moderate level of sophistication, and, at this time, are only aiming to verify if a compromised account data is valid at the targeted financial organizations.”
The hackers are also believed to have the hashed passwords, and have so far decrypted the less complex passwords. Hold Security then goes onto say that hey are “working to identify the hackers but, at this time, there is no definite data or attribution. While the password-guessing attacks are coming from China, there is no conclusive evidence that the hackers are from there.”